Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

An Analysis of the TACACS+ Protocol and its Implementations

From: gaus () CISCO COM (Damir Rajnovic)
Date: Mon, 10 Jul 2000 10:29:07 +0100

Hello,

For all of you who do remember Solar's analysis and my reply on this
subject (my reply is at [probably wrapped]:
4.2.0.58.20000530120817.00acec70 () amsterdam cisco 
com">http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-29&msg=4.2.0.58.20000530120817.00acec70 () 
amsterdam cisco com</A> )

We updated our unsupported version of TACACS+ server so it is no
longer vulnerable to oversized T+ packets. You can download the
new version, F4.0.4 alpha, if you follow this URL:
ftp://ftp-eng.cisco.com/pub/tacacs

Cheers,

Gaus
==============
Damir Rajnovic <psirt () cisco com>, PSIRT Incident Manager, Cisco Systems
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
Phone: +44 7715 546 033
4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB
==============
There is no insolvable problems. Question remains: can you
accept the solution?
Previous By Date Next
Previous By Thread Next

Current thread: